06-27-2024, 04:51 PM
Sounds like a rather bad situation for me. The symptoms you describe are typical for backdoors or remote access trojans (which are almost the same thing these days). But anyways, what you did was spot on - this cut down the remote session.
However, scanning with MS Defender was not the best option. Such tricky malware typically protects itself against that program by adding the location it keeps its files in to a whitelist. This, however, will be impossible to do with another anti-malware program. I particularly recommend using GridinSoft Anti-Malware: its continuous database updates make it capable of detecting even the most sneaky malware.
But before downloading and scanning, you'd better switch the system to Safe Mode with Networking. This will ensure the hacker won't connect the system once again and disrupt the removal operation.
However, scanning with MS Defender was not the best option. Such tricky malware typically protects itself against that program by adding the location it keeps its files in to a whitelist. This, however, will be impossible to do with another anti-malware program. I particularly recommend using GridinSoft Anti-Malware: its continuous database updates make it capable of detecting even the most sneaky malware.
But before downloading and scanning, you'd better switch the system to Safe Mode with Networking. This will ensure the hacker won't connect the system once again and disrupt the removal operation.